The World Economic Forum’s Global Blockchain Council has laid out a foundational set of principles for those building with blockchain technology and decentralised infrastructure in a bid to preserve and protect user rights.
The Council, over a year, developed 16 user rights under the newly launched “Presidio Principles”, which brings together individuals with varying interests and perspectives on the current state and future of blockchain; it was workshopped globally with technologists and civil society.
Sheila Warren, Head of Blockchain and Data Policy at World Economic Forum, said that global alignment between the public and private sectors is needed for the blockchain technology to scale in its next phase but Covid-19 has accelerated the development and use of emerging technology across industries.
Moreover, she said that the blockchain ecosystem needed a baseline for designing applications that preserve the rights of users.
“During our council meeting, we realised we could help curb many of the mistakes and missteps seen so far if we were able to provide developers, governments and executives with a ‘Bill of Rights’ style document.”
Rights are grouped into four broad pillars: Transparency and Accessibility – the right to information about the system; Privacy and Security – the right to data protection; Agency and Interoperability – the right for individuals to own and manage their data; and Accountability and Governance – the right for system users to understand available recourse.
The Forum is partnering with ecosystem leaders from Hyperledger and Ethereum, as well as the consulting and investor communities to issue specific "Guidance Documents" around how the principles can be implemented on a more tactical level.
Organisations who have signed up for this commitment are World Economic Forum, ConsenSys, Deloitte Consulting LLP, Blockchain Research Institute, Everledger, World Food Programme, Electric Coin Company, Protocol Labs, Blockchain Trust Accelerator & Digital Impact and Governance Initiative, Presidency of Colombia, CoinShares, OmiseGO, Accenture, Andreessen Horowitz and AZA.
Enhancing trust and security
Warren said that these will further help developers, governments, executives, corporate boards, international organizations and others implement the principles and take action now.
Additionally, Global Blockchain Council members will be partnering with individual organisations, associations and membership-based entities and investors for virtual sessions on how companies can meaningfully implement the principles in their operations.
“As fiduciaries, it is our responsibility to act not only in the interest of our investors but also in a manner that better aligns investor outcomes with the broader objectives of society,” said Meltem Demirors, Chief Strategy Officer at CoinShares.
“By incorporating the Presidio Principles into our investment analysis, ownership policies, and disclosures, we will introduce a voluntary set of investment guidelines for professional asset managers allocating institutional capital into digital currencies and blockchain networks.”
Joseph Lubin, Founder of ConsenSys, said that decentralised protocols are designed to enhance trust and security through transparency.
“The Presidio Principles are a valuable next step for creating ecosystem-wide accountability to these goals. We hope all builders of Ethereum-based projects – and across the blockchain landscape – will sign on to demonstrate their commitment to the users of their systems and applications,” he said.
The Presidio Principles
- Understand how a service is operated, including potential risks of the service, availability of source code, and the rules and standards upon which it is based.
- Understand the potential risks and benefits of a service’s use of blockchain technology.
- Understand system performance expectations and where the responsibility for service delivery lies.
- Understand the rights and obligations of different participants in the system.
- Create, manage, and independently store cryptographic keys.
- Manage the consent of data stored in third-party systems.
- Port data between interoperable systems or parts of a system.
- Revoke consent for future data collection.
- Have access to information sufficient to facilitate system interoperability.
- Assess if their data is at risk through appropriate disclosure procedures, which may include, but are not limited to, an examination of audit results, certifications, or source code.
- Have their data protected in accordance with internationally recognised technical security standards.
- Limit data collection to that which is necessary and data use to the purpose for which it was provided.
- Verify – through third-party or self-created tools – that operations have been completed and confirmed in accordance with the system’s rules.
- Access information needed to: (a) understand the system’s governance and rules and (b) pursue effective recourse mechanisms.
- Opt-out of using applications that don’t treat data in accordance with internationally recognised governance and data protection standards.
- Rectify demonstrably false, inaccurate, or incomplete data when necessary.